-
-
Notifications
You must be signed in to change notification settings - Fork 4.3k
Issues: nextcloud/server
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
[Bug]: DnsPinMiddleware.php uses wrong concept of handling failed DNS responses
0. Needs triage
Pending check for reproducibility or if it fits our roadmap
29-feedback
bug
security
#47849
opened Sep 9, 2024 by
uwedisch
5 of 8 tasks
[Bug]: strictDynamicAllowedOnScripts cannot be set to false
0. Needs triage
Pending check for reproducibility or if it fits our roadmap
28-feedback
bug
security
#45127
opened Apr 30, 2024 by
dtamajon
5 of 8 tasks
[Bug]: Session blocked when a user changes their password to one that is too long
0. Needs triage
Pending check for reproducibility or if it fits our roadmap
28-feedback
bug
feature: authentication
security
#45090
opened Apr 29, 2024 by
Kipok42
5 of 8 tasks
Feature: user email notification upon app password creation when using SSO
0. Needs triage
Pending check for reproducibility or if it fits our roadmap
enhancement
feature: authentication
security
#44769
opened Apr 10, 2024 by
rriemann
🎨 Improve design and process of adding clients using qr code
1. to develop
Accepted and waiting to be taken care of
client: 🤖🍏 mobile
design
Design, UI, UX, etc.
enhancement
feature: authentication
feature: settings
security
#44603
opened Apr 1, 2024 by
jospoortvliet
Allow non Same-Site Cookies set on first request
3. to review
Waiting for reviews
feedback-requested
security
Server security advisories link/section should link to/reference nextcloud/security-advisories repo rather than appearing empty
0. Needs triage
#40962
opened Oct 18, 2023 by
joshtrichards
Allow to configure "allowed domains" for CORS on DAV
2. developing
Work in progress
enhancement
feature: dav
security
stale
Ticket or PR with no recent activity
restrict outgoing connections (privacy, data protection, outbound traffic)
0. Needs triage
Pending check for reproducibility or if it fits our roadmap
enhancement
security
#38728
opened Jun 9, 2023 by
kolAflash
Network Access Management
0. Needs triage
Pending check for reproducibility or if it fits our roadmap
enhancement
security
#38220
opened May 12, 2023 by
SinghNanak
Add option to configure same-site Cookie policy to permit - e.g. using NC for SSO on different domain
0. Needs triage
Pending check for reproducibility or if it fits our roadmap
enhancement
feature: authentication
security
#38031
opened May 2, 2023 by
gymnae
Soften the brute force protection on shared links with password or without
0. Needs triage
Pending check for reproducibility or if it fits our roadmap
enhancement
feature: authentication
feature: sharing
security
#42614
opened Apr 18, 2023 by
GVLLIFESTYLE
CORS origin allowed list check
0. Needs triage
Pending check for reproducibility or if it fits our roadmap
developer experience
enhancement
integration
security
#37716
opened Apr 13, 2023 by
aleixq
[Bug]: Setup check for Pending check for reproducibility or if it fits our roadmap
25-feedback
bug
feature: settings
needs review
Needs review to determine if still applicable or covered by other Issues
security
X-XSS-Protection recommendation is deprecated
0. Needs triage
#37154
opened Mar 9, 2023 by
jbouter
5 tasks done
Allow custom sensitive values to be filtered out by Pending check for reproducibility or if it fits our roadmap
enhancement
feature: logging
security
OC\Log\ExceptionSerializer
0. Needs triage
#36611
opened Feb 8, 2023 by
summersab
Allow iFrame embedding for shared things (calendars etc.)
0. Needs triage
Pending check for reproducibility or if it fits our roadmap
enhancement
security
#35918
opened Dec 30, 2022 by
tzugen
CORS support in login v2 and OAuth2 flow
0. Needs triage
Pending check for reproducibility or if it fits our roadmap
developer experience
enhancement
feature: authentication
security
#34898
opened Oct 31, 2022 by
salonikumawat28
[Bug]: Pending check for reproducibility or if it fits our roadmap
25-feedback
feature: settings
needs review
Needs review to determine if still applicable or covered by other Issues
security
technical debt
X-Frame-Options is obsoleted by CSP frame-ancestors and is not checked in security overview
0. Needs triage
#34748
opened Oct 23, 2022 by
sevmonster
5 of 9 tasks
Directly send email on apppassword creation
0. Needs triage
Pending check for reproducibility or if it fits our roadmap
enhancement
feature: authentication
feature: emails
security
#34444
opened Oct 5, 2022 by
rullzer
2FA to change the user password
0. Needs triage
Pending check for reproducibility or if it fits our roadmap
enhancement
feature: authentication
feature: settings
security
#33085
opened Jul 1, 2022 by
ghost
CORS setting at user level
0. Needs triage
Pending check for reproducibility or if it fits our roadmap
enhancement
security
#30964
opened Feb 2, 2022 by
Cyrille37
Prevent users/group from making public links with write/delete permissions.
0. Needs triage
Pending check for reproducibility or if it fits our roadmap
enhancement
feature: sharing
security
#29266
opened Oct 15, 2021 by
Kosygor
Password protect federated shares
1. to develop
Accepted and waiting to be taken care of
enhancement
feature: federation
security
#27358
opened Jun 2, 2021 by
LukasReschke
Store trusted server shared secret encrypted in database
1. to develop
Accepted and waiting to be taken care of
enhancement
feature: federation
security
#27357
opened Jun 2, 2021 by
LukasReschke
Add audit logging for enabling/disabling 2FA
1. to develop
Accepted and waiting to be taken care of
enhancement
feature: admin audit
feature: authentication
security
#27356
opened Jun 2, 2021 by
LukasReschke
Previous Next
ProTip!
Mix and match filters to narrow down what you’re looking for.